[Privoxy-users] https inspection using intermediate CA
Chakib Benziane
contact at sp4ke.xyz
Sun Aug 7 19:53:49 UTC 2022
Hi,
I am tring to use https inspection using a CA that is an intermediate
not Root and the TLS handshake is failing between client and privoxy.
I tracked down the problem to the generation of host certificates which
sets the "Issuer" of the cert the same as the Issuer of the provided CA
file. This works well when the provided CA the Root but in my case I
want to use an Intermediate CA which is the only CA I deploy on my
machines.
Is there a reason why you are copying the Issuer field from the CA to
the host certificate ?
Why not set the Issuer of the generated certificate as the Subject of the CA
file ? (see openssl.c L1984 - privoxy-3.0.33-stable)
Regards,
Chakib
More information about the Privoxy-users
mailing list